IT security news on the latest technology and the number one resource for your hardware and software needs.
Visit us at www.hyphenet.com

Monday, March 17, 2014

Why major companies fail to act on malware threats.

Destructive data breaches hit companies all the time. Last year,
Target was hit and exposed 40 million credit and debit cards along with
70 million customers personal data.

The malware installed on Target’s (TGT) security and payments system
was designed to steal every credit card used at the 1,797 U.S. stores.

Target has acknowledged that the breach could have been avoided if
they paid closer attention to alerts generated by their security
monitoring tools.

Targets credit card payment system is still out-of-date. The systems
aren’t able to pull up your account to tell you how much money you owe
on your monthly statement.

Target is not the only one with an out dated system that is subjected
to high security risks. More than 90 lawsuits have been filed against
Target by customers and banks for negligence and compensatory damages.

Many alarms are overlooked because sometimes it doesn’t mean anything
bad is happening. Sometimes a security alert shows their have been
inappropriate actions, which happen very often.

Six months before the breach, Target installed a network monitoring
tool security vendor FireEye that alerts the security personnel of
malware on its networks. The tool has cost Target $1.6 million, but
that’s only a fraction of how much damage could have been caused by the
considerable compromise. They spent $61 million responding to the
breach through Feb.1, 2014.

Target’s profit for holiday spending fell 46% from the same quarter the year before.

The FireEye system could have been configured to automatically remove
the threat. The software was new and untested at Target, and the
feature was not activated.

Target fell short on the process and policies. Many companies don’t
take security as seriously as they should. A highly secured network can
cost companies millions of dollars. Dollars they sometimes would like
to spend elsewhere.

In this instance, the breach could have been automatically stopped.
The system’s option to automatically delete malware as it’s detected was
turned off by Target’s security team.

If Target’s security team had followed up on the earliest FireEye
alerts, it could have been right behind the hackers on their escape
path.

The malware uncovered user names and passwords for the hackers to embed the code on their servers.
It’s unfortunate to know that this could have been easily avoided.
Maybe the security team was focused on some other security alert, or
maybe they just didn’t see the alert as important. Maybe the security
team underestimated the severity of a simple malware warning message.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.